Trying to validate Credit Card Form (jQuery, ColdFusion)

StackOverflow https://stackoverflow.com/questions/18618455

Question

I have a CC update info form. Only the last 4 of the card number is shown and the rest is starred out (******1234).

When someone goes in and just needs to update their expiration date on a card with the same number, we have to require them to update the card as well, since the the starred out number will submit to the API we use, and will return as a bad CC number. API requires that both sets of numbers (card number & exp date) be submitted. The simplest solution seems to be to check on submit if the cardnumber is starred out.

How do I check if the first 12 numbers are starred out (****) with javascript/jQuery?

Also, please feel free to suggest a different way to deal with this if you know a better solution.

I'm familiar enough with jQuery validation, but have never seen something that can do this.

Thanks in advance,

Steven

Was it helpful?

Solution

If you are storing the data in the database then when the new exp data arrives can't you just look up the CC number in the DB and pass it along that way? As for your other issue if your form really is passing asterisks just look for them:

<cfif find(ccnum,"*")>
   you have stars so you look up the CC before passing it
<cfelseif isvalid("CC", CCNUM)>
  you have a valid cc num... so combine it with the other data and submit it.
<cfelse>
  you have something unexpected send an error back to the user
</cfif>

OTHER TIPS

Not fancy but you could just look at the string.

Client Side:

if(ccNum.substr(0,11) == '************'){
    // do whatever
}

ColdFusion Side :

if(left(ccNumber,12) == '************'){
    // do whatever
}

or tag based 

<cfif left(ccNumber,12) eq '************'>
    <!--- do whatever --->
</cfif>

I was initially going to suggest simply ignoring the CC number field in the form when you do the update SQL / transaction. Just because it is provided by the user doesn't mean you have to use it.

But there is an issue with this - it assumes that a user will never be updating the credit card info with a different credit card - which I would suggest is a bad thing to "just" assume.

How about if you checked the submitted values for "*" characters in the credit card number?

If there are "*" they have NOT changed the CC number from what was originally saved, so therefore it is a "safe(r) bet", now that you can disregard the number.

If there are NO "*" - they have provided a CC number - validate it / re-save it. Even if it is the same card number as before - just assume they have entered an entirely different number and perform your required CC number validation and then save all form data.

Something like;

<cfif form.ccNumber contains "*">
    <!--- disregard the CC number it is the same as the old one --->
    <!--- do other form field validation --->
    <!--- save all OTHER form fields, only / do NOT save the CC number --->
<cfelse>
    <!--- we have no "*" in the CC number - validate the card number --->
    <!--- jQuery has credit card validation in its validation plugin. --->
    <!--- do other form field validation --->
    <!--- save ALL form fields --->
</cfif>
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top